1. Field of the Invention
The present invention relates to the authentication of an integrated circuit or of an electronic device containing such a circuit, by means of an authentication method using a private or secret datum or quantity contained in the integrated circuit.
The present invention more specifically relates to authentication methods based on the use of a secret datum (also called a private key or datum) by means of an external device. An example of application of the present invention is the field of smart cards, be they of prepaid count unit type or not.
2. Discussion of the Related Art
The various methods of authentication of a smart card or the like aim at avoiding the piracy or the falsification of a card, either by use of a discrete device reproducing the card or by piracy of a read terminal, or by large-scale reproduction of falsified smart cards.
The authentication methods with the highest performances use a private quantity present in the integrated circuit to be authenticated and a so-called public quantity or key, depending on this private quantity and stored in an external device (generally separate from the smart card read device). The private quantity is indirectly involved each time the integrated circuit requires authentication, without any “knowledge transfer”. In such so-called “zero-knowledge” methods, the authentication occurs according to a protocol which, in a proved manner and under hypotheses recognized as being perfectly reasonable by the scientific community, reveals nothing of the secret key or private quantity of the entity, the signature of which must be authenticated. Examples of known authentication methods to which the present invention applies are described in French patent application no. 2,716,058 and in U.S. Pat. No. 4,995,082 which are incorporated herein by reference.
Such methods do not send the private quantity itself, but a calculation result taking this private quantity into account, a number which is a function of a random number chosen by the integrated circuit and communicated to the external device, and a random number chosen by the external device and communicated to the card. The result is then checked by the external device to authenticate the card. This checking further uses public keys which are most often certified by another device (generally called the “trusted third party”). In a chip personalization phase, said chip calculates a public key that it transmits, with its identifier, to a “trusted third party”. The latter calculates a certificate that it sends back to the chip, which stores it. In use, the chip communicates its identifier and the certificate to the reader. The reader recalculates the public key of the chip based on these two values and a public key of the “trusted third party”.
Although high-performance methods hide the private quantity during transfers, they are powerless against piracies inside of the integrated circuit.
In particular, conventional authentication methods and systems do not protect the data contained in the storage elements of the chip card or the like. These data may be formed of processing programs (including the program necessary to the execution of the authentication method) or of various data. Among the data stored, for example, in EEPROM-type memories, is in particular the certified public key of the “trusted third party” enabling the reader to recalculate the public keys of the chips.
The fact that the data and programs are not protected is a breach in the security of smart card systems. This weakness is further increased by the fact that the authentication is performed by the card itself, and thus based on its programs and on the accessible elements of its memory.
Another disadvantage of conventional authentication methods is linked to the use of a private datum, which is further indispensable to make out or differentiate electronic devices or sub-assemblies, for example, smart cards, from one another. The disadvantage precisely is that this quantity is a datum stored in the component to be identified. Such a quantity is accordingly capable of being pirated by examination of the storage element (for example, the registers or the like) of the smart card in which the quantity is stored. Further, the private quantity generally is immutable for a given smart card, to enable repeated authentication thereof. This results in a weakness of the authentication function.